www.trustwave.com
Open in
urlscan Pro
199.60.103.2
Public Scan
URL:
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/modbus-101-one-protocol-to-rule-the-ot-world/
Submission: On September 29 via manual from AU — Scanned from AU
Submission: On September 29 via manual from AU — Scanned from AU
Form analysis 4 forms found in the DOM
/hs-search-results
<form action="/hs-search-results" data-hs-cf-bound="true">
<input id="search" value="" type="text" class="form-control" name="q" placeholder="Search trustwave.com" autocomplete="off">
</form>/hs-search-results
<form action="/hs-search-results" data-hs-cf-bound="true">
<input id="search" value="" type="text" class="form-control" name="q" placeholder="Search trustwave.com" autocomplete="off">
</form>POST https://forms.hsforms.com/submissions/v3/public/submit/formsnext/multipart/21158977/92358282-9e9e-4fe6-a21f-c30c1e55336d
<form id="hsForm_92358282-9e9e-4fe6-a21f-c30c1e55336d_1008" method="POST" accept-charset="UTF-8" enctype="multipart/form-data" novalidate=""
action="https://forms.hsforms.com/submissions/v3/public/submit/formsnext/multipart/21158977/92358282-9e9e-4fe6-a21f-c30c1e55336d"
class="hs-form-private hsForm_92358282-9e9e-4fe6-a21f-c30c1e55336d hs-form-92358282-9e9e-4fe6-a21f-c30c1e55336d hs-form-92358282-9e9e-4fe6-a21f-c30c1e55336d_8b07685a-af05-494d-97c9-05f77b995271 hs-form stacked hs-custom-form"
target="target_iframe_92358282-9e9e-4fe6-a21f-c30c1e55336d_1008" data-instance-id="8b07685a-af05-494d-97c9-05f77b995271" data-form-id="92358282-9e9e-4fe6-a21f-c30c1e55336d" data-portal-id="21158977" data-hs-cf-bound="true">
<fieldset class="form-columns-0">
<div class="hs-richtext hs-main-font-element">
<h2 style="text-align: center; font-size: 32px;">Request a Demo<br><br></h2>
</div>
</fieldset>
<fieldset class="form-columns-2">
<div class="hs_firstname hs-firstname hs-fieldtype-text field hs-form-field"><label id="label-firstname-92358282-9e9e-4fe6-a21f-c30c1e55336d_1008" class="" placeholder="Enter your First Name"
for="firstname-92358282-9e9e-4fe6-a21f-c30c1e55336d_1008"><span>First Name</span><span class="hs-form-required">*</span></label>
<legend class="hs-field-desc" style="display: none;"></legend>
<div class="input"><input id="firstname-92358282-9e9e-4fe6-a21f-c30c1e55336d_1008" name="firstname" required="" placeholder="" type="text" class="hs-input" inputmode="text" autocomplete="given-name" value=""></div>
</div>
<div class="hs_lastname hs-lastname hs-fieldtype-text field hs-form-field"><label id="label-lastname-92358282-9e9e-4fe6-a21f-c30c1e55336d_1008" class="" placeholder="Enter your Last Name"
for="lastname-92358282-9e9e-4fe6-a21f-c30c1e55336d_1008"><span>Last Name</span><span class="hs-form-required">*</span></label>
<legend class="hs-field-desc" style="display: none;"></legend>
<div class="input"><input id="lastname-92358282-9e9e-4fe6-a21f-c30c1e55336d_1008" name="lastname" required="" placeholder="" type="text" class="hs-input" inputmode="text" autocomplete="family-name" value=""></div>
</div>
</fieldset>
<fieldset class="form-columns-2">
<div class="hs_company hs-company hs-fieldtype-text field hs-form-field"><label id="label-company-92358282-9e9e-4fe6-a21f-c30c1e55336d_1008" class="" placeholder="Enter your Company Name"
for="company-92358282-9e9e-4fe6-a21f-c30c1e55336d_1008"><span>Company Name</span><span class="hs-form-required">*</span></label>
<legend class="hs-field-desc" style="display: none;"></legend>
<div class="input"><input id="company-92358282-9e9e-4fe6-a21f-c30c1e55336d_1008" name="company" required="" placeholder="" type="text" class="hs-input" inputmode="text" autocomplete="organization" value=""></div>
</div>
<div class="hs_email hs-email hs-fieldtype-text field hs-form-field"><label id="label-email-92358282-9e9e-4fe6-a21f-c30c1e55336d_1008" class="" placeholder="Enter your Business Email"
for="email-92358282-9e9e-4fe6-a21f-c30c1e55336d_1008"><span>Business Email</span><span class="hs-form-required">*</span></label>
<legend class="hs-field-desc" style="display: none;"></legend>
<div class="input"><input id="email-92358282-9e9e-4fe6-a21f-c30c1e55336d_1008" name="email" required="" placeholder="" type="email" class="hs-input" inputmode="email" autocomplete="email" value=""></div>
</div>
</fieldset>
<fieldset class="form-columns-1">
<div class="hs-dependent-field">
<div class="hs_country hs-country hs-fieldtype-select field hs-form-field"><label id="label-country-92358282-9e9e-4fe6-a21f-c30c1e55336d_1008" class="" placeholder="Enter your Country"
for="country-92358282-9e9e-4fe6-a21f-c30c1e55336d_1008"><span>Country</span><span class="hs-form-required">*</span></label>
<legend class="hs-field-desc" style="display: none;"></legend>
<div class="input"><select id="country-92358282-9e9e-4fe6-a21f-c30c1e55336d_1008" required="" class="hs-input is-placeholder" name="country">
<option disabled="" value="">Please Select</option>
<option value="United States">United States</option>
<option value="United Kingdom">United Kingdom</option>
<option value="Australia">Australia</option>
<option value="Germany">Germany</option>
<option value="Mexico">Mexico</option>
<option value="New Zealand">New Zealand</option>
<option value="Singapore">Singapore</option>
<option value="Other">Other</option>
<option value="Afghanistan">Afghanistan</option>
<option value="Åland Islands">Åland Islands</option>
<option value="Albania">Albania</option>
<option value="Algeria">Algeria</option>
<option value="American Samoa">American Samoa</option>
<option value="Andorra">Andorra</option>
<option value="Angola">Angola</option>
<option value="Anguilla">Anguilla</option>
<option value="Antarctica">Antarctica</option>
<option value="Antigua and Barbuda">Antigua and Barbuda</option>
<option value="Argentina">Argentina</option>
<option value="Armenia">Armenia</option>
<option value="Aruba">Aruba</option>
<option value="Asia/Pacific Region">Asia/Pacific Region</option>
<option value="Austria">Austria</option>
<option value="Azerbaijan">Azerbaijan</option>
<option value="Bahamas">Bahamas</option>
<option value="Bahrain">Bahrain</option>
<option value="Bangladesh">Bangladesh</option>
<option value="Barbados">Barbados</option>
<option value="Belarus">Belarus</option>
<option value="Belgium">Belgium</option>
<option value="Belize">Belize</option>
<option value="Benin">Benin</option>
<option value="Bermuda">Bermuda</option>
<option value="Bhutan">Bhutan</option>
<option value="Bolivia">Bolivia</option>
<option value="Bosnia and Herzegovina">Bosnia and Herzegovina</option>
<option value="Botswana">Botswana</option>
<option value="Bouvet Island">Bouvet Island</option>
<option value="Brazil">Brazil</option>
<option value="British Indian Ocean Territory">British Indian Ocean Territory</option>
<option value="British Virgin Islands">British Virgin Islands</option>
<option value="Brunei">Brunei</option>
<option value="Bulgaria">Bulgaria</option>
<option value="Burkina Faso">Burkina Faso</option>
<option value="Burundi">Burundi</option>
<option value="Cambodia">Cambodia</option>
<option value="Cameroon">Cameroon</option>
<option value="Canada">Canada</option>
<option value="Cape Verde">Cape Verde</option>
<option value="Caribbean Netherlands">Caribbean Netherlands</option>
<option value="Cayman Islands">Cayman Islands</option>
<option value="Central African Republic">Central African Republic</option>
<option value="Chad">Chad</option>
<option value="Chile">Chile</option>
<option value="China">China</option>
<option value="Christmas Island">Christmas Island</option>
<option value="Cocos (Keeling) Islands">Cocos (Keeling) Islands</option>
<option value="Colombia">Colombia</option>
<option value="Comoros">Comoros</option>
<option value="Congo">Congo</option>
<option value="Cook Islands">Cook Islands</option>
<option value="Costa Rica">Costa Rica</option>
<option value="Cote d'Ivoire">Cote d'Ivoire</option>
<option value="Croatia">Croatia</option>
<option value="Cuba">Cuba</option>
<option value="Curaçao">Curaçao</option>
<option value="Cyprus">Cyprus</option>
<option value="Czech Republic">Czech Republic</option>
<option value="Democratic Republic of the Congo">Democratic Republic of the Congo</option>
<option value="Denmark">Denmark</option>
<option value="Djibouti">Djibouti</option>
<option value="Dominica">Dominica</option>
<option value="Dominican Republic">Dominican Republic</option>
<option value="East Timor">East Timor</option>
<option value="Ecuador">Ecuador</option>
<option value="Egypt">Egypt</option>
<option value="El Salvador">El Salvador</option>
<option value="Equatorial Guinea">Equatorial Guinea</option>
<option value="Eritrea">Eritrea</option>
<option value="Estonia">Estonia</option>
<option value="Ethiopia">Ethiopia</option>
<option value="Europe">Europe</option>
<option value="Falkland Islands">Falkland Islands</option>
<option value="Faroe Islands">Faroe Islands</option>
<option value="Fiji">Fiji</option>
<option value="Finland">Finland</option>
<option value="France">France</option>
<option value="French Guiana">French Guiana</option>
<option value="French Polynesia">French Polynesia</option>
<option value="French Southern and Antarctic Lands">French Southern and Antarctic Lands</option>
<option value="Gabon">Gabon</option>
<option value="Gambia">Gambia</option>
<option value="Georgia">Georgia</option>
<option value="Ghana">Ghana</option>
<option value="Gibraltar">Gibraltar</option>
<option value="Greece">Greece</option>
<option value="Greenland">Greenland</option>
<option value="Grenada">Grenada</option>
<option value="Guadeloupe">Guadeloupe</option>
<option value="Guam">Guam</option>
<option value="Guatemala">Guatemala</option>
<option value="Guernsey">Guernsey</option>
<option value="Guinea">Guinea</option>
<option value="Guinea-Bissau">Guinea-Bissau</option>
<option value="Guyana">Guyana</option>
<option value="Haiti">Haiti</option>
<option value="Heard Island and McDonald Islands">Heard Island and McDonald Islands</option>
<option value="Honduras">Honduras</option>
<option value="Hong Kong">Hong Kong</option>
<option value="Hungary">Hungary</option>
<option value="Iceland">Iceland</option>
<option value="India">India</option>
<option value="Indonesia">Indonesia</option>
<option value="Iran">Iran</option>
<option value="Iraq">Iraq</option>
<option value="Ireland">Ireland</option>
<option value="Isle of Man">Isle of Man</option>
<option value="Israel">Israel</option>
<option value="Italy">Italy</option>
<option value="Jamaica">Jamaica</option>
<option value="Japan">Japan</option>
<option value="Jersey">Jersey</option>
<option value="Jordan">Jordan</option>
<option value="Kazakhstan">Kazakhstan</option>
<option value="Kenya">Kenya</option>
<option value="Kiribati">Kiribati</option>
<option value="Kosovo">Kosovo</option>
<option value="Kuwait">Kuwait</option>
<option value="Kyrgyzstan">Kyrgyzstan</option>
<option value="Laos">Laos</option>
<option value="Latvia">Latvia</option>
<option value="Lebanon">Lebanon</option>
<option value="Lesotho">Lesotho</option>
<option value="Liberia">Liberia</option>
<option value="Libya">Libya</option>
<option value="Liechtenstein">Liechtenstein</option>
<option value="Lithuania">Lithuania</option>
<option value="Luxembourg">Luxembourg</option>
<option value="Macau">Macau</option>
<option value="Macedonia (FYROM)">Macedonia (FYROM)</option>
<option value="Madagascar">Madagascar</option>
<option value="Malawi">Malawi</option>
<option value="Malaysia">Malaysia</option>
<option value="Maldives">Maldives</option>
<option value="Mali">Mali</option>
<option value="Malta">Malta</option>
<option value="Marshall Islands">Marshall Islands</option>
<option value="Martinique">Martinique</option>
<option value="Mauritania">Mauritania</option>
<option value="Mauritius">Mauritius</option>
<option value="Mayotte">Mayotte</option>
<option value="Micronesia">Micronesia</option>
<option value="Moldova">Moldova</option>
<option value="Monaco">Monaco</option>
<option value="Mongolia">Mongolia</option>
<option value="Montenegro">Montenegro</option>
<option value="Montserrat">Montserrat</option>
<option value="Morocco">Morocco</option>
<option value="Mozambique">Mozambique</option>
<option value="Myanmar (Burma)">Myanmar (Burma)</option>
<option value="Namibia">Namibia</option>
<option value="Nauru">Nauru</option>
<option value="Nepal">Nepal</option>
<option value="Netherlands">Netherlands</option>
<option value="Netherlands Antilles">Netherlands Antilles</option>
<option value="New Caledonia">New Caledonia</option>
<option value="Nicaragua">Nicaragua</option>
<option value="Niger">Niger</option>
<option value="Nigeria">Nigeria</option>
<option value="Niue">Niue</option>
<option value="Norfolk Island">Norfolk Island</option>
<option value="North Korea">North Korea</option>
<option value="Northern Mariana Islands">Northern Mariana Islands</option>
<option value="Norway">Norway</option>
<option value="Oman">Oman</option>
<option value="Pakistan">Pakistan</option>
<option value="Palau">Palau</option>
<option value="Palestine">Palestine</option>
<option value="Panama">Panama</option>
<option value="Papua New Guinea">Papua New Guinea</option>
<option value="Paraguay">Paraguay</option>
<option value="Peru">Peru</option>
<option value="Philippines">Philippines</option>
<option value="Pitcairn Islands">Pitcairn Islands</option>
<option value="Poland">Poland</option>
<option value="Portugal">Portugal</option>
<option value="Puerto Rico">Puerto Rico</option>
<option value="Qatar">Qatar</option>
<option value="Réunion">Réunion</option>
<option value="Romania">Romania</option>
<option value="Russia">Russia</option>
<option value="Rwanda">Rwanda</option>
<option value="Saint Barthélemy">Saint Barthélemy</option>
<option value="Saint Helena">Saint Helena</option>
<option value="Saint Kitts and Nevis">Saint Kitts and Nevis</option>
<option value="Saint Lucia">Saint Lucia</option>
<option value="Saint Martin">Saint Martin</option>
<option value="Saint Pierre and Miquelon">Saint Pierre and Miquelon</option>
<option value="Saint Vincent and the Grenadines">Saint Vincent and the Grenadines</option>
<option value="Samoa">Samoa</option>
<option value="San Marino">San Marino</option>
<option value="Sao Tome and Principe">Sao Tome and Principe</option>
<option value="Saudi Arabia">Saudi Arabia</option>
<option value="Senegal">Senegal</option>
<option value="Serbia">Serbia</option>
<option value="Seychelles">Seychelles</option>
<option value="Sierra Leone">Sierra Leone</option>
<option value="Sint Maarten">Sint Maarten</option>
<option value="Slovakia">Slovakia</option>
<option value="Slovenia">Slovenia</option>
<option value="Solomon Islands">Solomon Islands</option>
<option value="Somalia">Somalia</option>
<option value="South Africa">South Africa</option>
<option value="South Georgia and the South Sandwich Islands">South Georgia and the South Sandwich Islands</option>
<option value="South Korea">South Korea</option>
<option value="South Sudan">South Sudan</option>
<option value="Spain">Spain</option>
<option value="Sri Lanka">Sri Lanka</option>
<option value="Sudan">Sudan</option>
<option value="Suriname">Suriname</option>
<option value="Svalbard and Jan Mayen">Svalbard and Jan Mayen</option>
<option value="Swaziland">Swaziland</option>
<option value="Sweden">Sweden</option>
<option value="Switzerland">Switzerland</option>
<option value="Syria">Syria</option>
<option value="Taiwan">Taiwan</option>
<option value="Tajikistan">Tajikistan</option>
<option value="Tanzania">Tanzania</option>
<option value="Thailand">Thailand</option>
<option value="Togo">Togo</option>
<option value="Tokelau">Tokelau</option>
<option value="Tonga">Tonga</option>
<option value="Trinidad and Tobago">Trinidad and Tobago</option>
<option value="Tunisia">Tunisia</option>
<option value="Turkey">Turkey</option>
<option value="Turkmenistan">Turkmenistan</option>
<option value="Turks and Caicos Islands">Turks and Caicos Islands</option>
<option value="Tuvalu">Tuvalu</option>
<option value="U.S. Virgin Islands">U.S. Virgin Islands</option>
<option value="Uganda">Uganda</option>
<option value="Ukraine">Ukraine</option>
<option value="United Arab Emirates">United Arab Emirates</option>
<option value="United States Minor Outlying Islands">United States Minor Outlying Islands</option>
<option value="Uruguay">Uruguay</option>
<option value="Uzbekistan">Uzbekistan</option>
<option value="Vanuatu">Vanuatu</option>
<option value="Vatican City">Vatican City</option>
<option value="Venezuela">Venezuela</option>
<option value="Vietnam">Vietnam</option>
<option value="Wallis and Futuna">Wallis and Futuna</option>
<option value="Western Sahara">Western Sahara</option>
<option value="Yemen">Yemen</option>
<option value="Zambia">Zambia</option>
<option value="Zimbabwe">Zimbabwe</option>
</select></div>
</div>
</div>
</fieldset>
<fieldset class="form-columns-1">
<div class="legal-consent-container">
<div>
<div class="hs-dependent-field">
<div class="hs_LEGAL_CONSENT.subscription_type_28863750 hs-LEGAL_CONSENT.subscription_type_28863750 hs-fieldtype-booleancheckbox field hs-form-field">
<legend class="hs-field-desc" style="display: none;"></legend>
<div class="input">
<ul class="inputs-list">
<li class="hs-form-booleancheckbox"><label for="LEGAL_CONSENT.subscription_type_28863750-92358282-9e9e-4fe6-a21f-c30c1e55336d_1008" class="hs-form-booleancheckbox-display"><input
id="LEGAL_CONSENT.subscription_type_28863750-92358282-9e9e-4fe6-a21f-c30c1e55336d_1008" class="hs-input" type="checkbox" name="LEGAL_CONSENT.subscription_type_28863750" value="true"><span>
<p>I agree to receive other communications from Trustwave.</p>
</span></label></li>
</ul>
</div>
</div>
</div>
<legend class="hs-field-desc checkbox-desc" style="display: none;"></legend>
</div>
<div class="hs-richtext">
<p>By clicking submit below, you agree to our <a href="https://www.trustwave.com/en-us/legal-documents/terms-of-use/" target="_blank" rel="noopener">Terms of Use</a> and
<a href="https://www.trustwave.com/en-us/legal-documents/privacy-policy/" target="_blank" rel="noopener">Privacy Policy. </a>Additionally, you consent to allow Trustwave to store and process the personal information submitted above to
provide you with the content requested.</p>
</div>
</div>
</fieldset>
<div class="hs_submit hs-submit">
<div class="hs-field-desc" style="display: none;"></div>
<div class="actions"><input type="submit" class="hs-button primary large" value="Submit"></div>
</div><input name="hs_context" type="hidden"
value="{"embedAtTimestamp":"1695961347051","formDefinitionUpdatedAt":"1692838964402","lang":"en","legalConsentOptions":"{\"communicationConsentCheckboxes\":[{\"communicationTypeId\":28863750,\"label\":\"<p>I agree to receive other communications from Trustwave.</p>\",\"required\":false}],\"legitimateInterestLegalBasis\":\"LEGITIMATE_INTEREST_PQL\",\"processingConsentType\":\"IMPLICIT\",\"processingConsentCheckboxLabel\":\"<p>I agree to allow Trustwave to store and process my personal data.</p>\",\"privacyPolicyText\":\"<p>By clicking submit below, you agree to our <a href=\\\"https://www.trustwave.com/en-us/legal-documents/terms-of-use/\\\" target=\\\"_blank\\\" rel=\\\"noopener\\\">Terms of Use</a> and <a href=\\\"https://www.trustwave.com/en-us/legal-documents/privacy-policy/\\\" target=\\\"_blank\\\" rel=\\\"noopener\\\">Privacy Policy. </a>Additionally, you consent to allow Trustwave to store and process the personal information submitted above to provide you with the content requested.</p>\",\"isLegitimateInterest\":false}","embedType":"REGULAR","disableCookieSubmission":"true","clonedFromForm":"40c8a228-a6a0-4319-845f-fa2884205aba","notifyHubSpotOwner":"true","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36","pageTitle":"ModBus 101: One Protocol to Rule the OT World","pageUrl":"https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/modbus-101-one-protocol-to-rule-the-ot-world/","pageId":"127729383786","isHubSpotCmsGeneratedPage":true,"canonicalUrl":"https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/modbus-101-one-protocol-to-rule-the-ot-world/","contentType":"blog-post","hutk":"1987120246d1f9d23639fb4935b5bf51","__hsfp":3272624203,"__hssc":"94548739.1.1695961350644","__hstc":"94548739.1987120246d1f9d23639fb4935b5bf51.1695961350643.1695961350643.1695961350643.1","formTarget":"#hs_form_target_form_714211391","formInstanceId":"1008","rawInlineMessage":"<p style=\"text-align: center;\"><strong>Thank You</strong></p>\n<p style=\"text-align: center;\"><img style=\"height: auto; max-width: 100%; width: 258px;\" src=\"https://21158977.fs1.hubspotusercontent-na1.net/hubfs/21158977/Red%20Line.png\" alt=\"Red Line\" loading=\"lazy\" width=\"258\" height=\"22\"></p>\n<p style=\"text-align: center;\">Browse our latest <span style=\"color: #0096b3;\"><a style=\"color: #0096b3;\" href=\"https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/\" rel=\"noopener\">blogs</a></span> or visit our <span style=\"color: #0096b3;\"><a style=\"color: #0096b3;\" href=\"https://www.trustwave.com/en-us/resources/library/\" rel=\"noopener\">Resource Library</a></span>.</p>","hsFormKey":"db7a90e4fa26515d1f06f9a6e8a56dc8","pageName":"ModBus 101: One Protocol to Rule the OT World","boolCheckBoxFields":"LEGAL_CONSENT.subscription_type_28863750","locale":"en","timestamp":1695961350662,"originalEmbedContext":{"portalId":"21158977","formId":"92358282-9e9e-4fe6-a21f-c30c1e55336d","region":"na1","target":"#hs_form_target_form_714211391","isBuilder":false,"isTestPage":false,"isPreview":false,"formInstanceId":"1008","formsBaseUrl":"/_hcms/forms","css":"","inlineMessage":"<p style=\"text-align: center;\"><strong>Thank You</strong></p>\n<p style=\"text-align: center;\"><img style=\"height: auto; max-width: 100%; width: 258px;\" src=\"https://21158977.fs1.hubspotusercontent-na1.net/hubfs/21158977/Red%20Line.png\" alt=\"Red Line\" loading=\"lazy\" width=\"258\" height=\"22\"></p>\n<p style=\"text-align: center;\">Browse our latest <span style=\"color: #0096b3;\"><a style=\"color: #0096b3;\" href=\"https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/\" rel=\"noopener\">blogs</a></span> or visit our <span style=\"color: #0096b3;\"><a style=\"color: #0096b3;\" href=\"https://www.trustwave.com/en-us/resources/library/\" rel=\"noopener\">Resource Library</a></span>.</p>","isMobileResponsive":true,"rawInlineMessage":"<p style=\"text-align: center;\"><strong>Thank You</strong></p>\n<p style=\"text-align: center;\"><img style=\"height: auto; max-width: 100%; width: 258px;\" src=\"https://21158977.fs1.hubspotusercontent-na1.net/hubfs/21158977/Red%20Line.png\" alt=\"Red Line\" loading=\"lazy\" width=\"258\" height=\"22\"></p>\n<p style=\"text-align: center;\">Browse our latest <span style=\"color: #0096b3;\"><a style=\"color: #0096b3;\" href=\"https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/\" rel=\"noopener\">blogs</a></span> or visit our <span style=\"color: #0096b3;\"><a style=\"color: #0096b3;\" href=\"https://www.trustwave.com/en-us/resources/library/\" rel=\"noopener\">Resource Library</a></span>.</p>","hsFormKey":"db7a90e4fa26515d1f06f9a6e8a56dc8","pageName":"ModBus 101: One Protocol to Rule the OT World","pageId":"127729383786","contentType":"blog-post","formData":{"cssClass":"hs-form stacked hs-custom-form"},"isCMSModuleEmbed":true},"correlationId":"8b07685a-af05-494d-97c9-05f77b995271","renderedFieldsIds":["firstname","lastname","company","email","country","LEGAL_CONSENT.subscription_type_28863750"],"captchaStatus":"NOT_APPLICABLE","emailResubscribeStatus":"NOT_APPLICABLE","isInsideCrossOriginFrame":false,"source":"forms-embed-1.3812","sourceName":"forms-embed","sourceVersion":"1.3812","sourceVersionMajor":"1","sourceVersionMinor":"3812","_debug_allPageIds":{"embedContextPageId":"127729383786","analyticsPageId":"127729383786","pageContextPageId":"127729383786"},"_debug_embedLogLines":[{"clientTimestamp":1695961347186,"level":"INFO","message":"Retrieved customer callbacks used on embed context: [\"getExtraMetaDataBeforeSubmit\"]"},{"clientTimestamp":1695961347187,"level":"INFO","message":"Retrieved pageContext values which may be overriden by the embed context: {\"pageTitle\":\"ModBus 101: One Protocol to Rule the OT World\",\"pageUrl\":\"https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/modbus-101-one-protocol-to-rule-the-ot-world/\",\"userAgent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36\",\"pageId\":\"127729383786\",\"isHubSpotCmsGeneratedPage\":true}"},{"clientTimestamp":1695961347188,"level":"INFO","message":"Retrieved countryCode property from normalized embed definition response: \"AU\""},{"clientTimestamp":1695961350654,"level":"INFO","message":"Retrieved analytics values from API response which may be overriden by the embed context: {\"hutk\":\"1987120246d1f9d23639fb4935b5bf51\",\"canonicalUrl\":\"https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/modbus-101-one-protocol-to-rule-the-ot-world/\",\"contentType\":\"blog-post\",\"pageId\":\"127729383786\"}"}]}"><iframe
name="target_iframe_92358282-9e9e-4fe6-a21f-c30c1e55336d_1008" style="display: none;"></iframe>
</form>POST https://forms.hsforms.com/submissions/v3/public/submit/formsnext/multipart/21158977/68741a11-8e56-4f23-ba7f-b2307e77714c
<form id="hsForm_68741a11-8e56-4f23-ba7f-b2307e77714c_7464" method="POST" accept-charset="UTF-8" enctype="multipart/form-data" novalidate=""
action="https://forms.hsforms.com/submissions/v3/public/submit/formsnext/multipart/21158977/68741a11-8e56-4f23-ba7f-b2307e77714c"
class="hs-form-private hsForm_68741a11-8e56-4f23-ba7f-b2307e77714c hs-form-68741a11-8e56-4f23-ba7f-b2307e77714c hs-form-68741a11-8e56-4f23-ba7f-b2307e77714c_f5af4e01-0b6c-4267-a7f1-d1a9bd97814e hs-form stacked hs-custom-form"
target="target_iframe_68741a11-8e56-4f23-ba7f-b2307e77714c_7464" data-instance-id="f5af4e01-0b6c-4267-a7f1-d1a9bd97814e" data-form-id="68741a11-8e56-4f23-ba7f-b2307e77714c" data-portal-id="21158977" data-hs-cf-bound="true">
<div class="hs_email hs-email hs-fieldtype-text field hs-form-field"><label id="label-email-68741a11-8e56-4f23-ba7f-b2307e77714c_7464" class="" placeholder="Enter your " for="email-68741a11-8e56-4f23-ba7f-b2307e77714c_7464"><span></span></label>
<legend class="hs-field-desc" style="display: none;"></legend>
<div class="input"><input id="email-68741a11-8e56-4f23-ba7f-b2307e77714c_7464" name="email" placeholder="Business Email" type="email" class="hs-input" inputmode="email" autocomplete="email" value=""></div>
</div>
<div class="hs_submit hs-submit">
<div class="hs-field-desc" style="display: none;"></div>
<div class="actions"><input type="submit" class="hs-button primary large" value="SUBSCRIBE"></div>
</div><input name="hs_context" type="hidden"
value="{"embedAtTimestamp":"1695961347099","formDefinitionUpdatedAt":"1691784892438","lang":"en","embedType":"REGULAR","renderRawHtml":"true","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36","pageTitle":"ModBus 101: One Protocol to Rule the OT World","pageUrl":"https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/modbus-101-one-protocol-to-rule-the-ot-world/","pageId":"127729383786","isHubSpotCmsGeneratedPage":true,"canonicalUrl":"https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/modbus-101-one-protocol-to-rule-the-ot-world/","contentType":"blog-post","hutk":"1987120246d1f9d23639fb4935b5bf51","__hsfp":3272624203,"__hssc":"94548739.1.1695961350644","__hstc":"94548739.1987120246d1f9d23639fb4935b5bf51.1695961350643.1695961350643.1695961350643.1","formTarget":"#hs_form_target_form_968519573","formInstanceId":"7464","rawInlineMessage":"<p>Thank you for your email! You will soon receive the Trustwave newsletter</p>","hsFormKey":"c1c0cfaca6346e51ea31d7e6698bfb1f","pageName":"ModBus 101: One Protocol to Rule the OT World","locale":"en","timestamp":1695961350666,"originalEmbedContext":{"portalId":"21158977","formId":"68741a11-8e56-4f23-ba7f-b2307e77714c","region":"na1","target":"#hs_form_target_form_968519573","isBuilder":false,"isTestPage":false,"isPreview":false,"formInstanceId":"7464","formsBaseUrl":"/_hcms/forms","css":"","inlineMessage":"<p>Thank you for your email! You will soon receive the Trustwave newsletter</p>","isMobileResponsive":true,"rawInlineMessage":"<p>Thank you for your email! You will soon receive the Trustwave newsletter</p>","hsFormKey":"c1c0cfaca6346e51ea31d7e6698bfb1f","pageName":"ModBus 101: One Protocol to Rule the OT World","pageId":"127729383786","contentType":"blog-post","formData":{"cssClass":"hs-form stacked hs-custom-form"},"isCMSModuleEmbed":true},"correlationId":"f5af4e01-0b6c-4267-a7f1-d1a9bd97814e","renderedFieldsIds":["email"],"captchaStatus":"NOT_APPLICABLE","emailResubscribeStatus":"NOT_APPLICABLE","isInsideCrossOriginFrame":false,"source":"forms-embed-1.3812","sourceName":"forms-embed","sourceVersion":"1.3812","sourceVersionMajor":"1","sourceVersionMinor":"3812","_debug_allPageIds":{"embedContextPageId":"127729383786","analyticsPageId":"127729383786","pageContextPageId":"127729383786"},"_debug_embedLogLines":[{"clientTimestamp":1695961347282,"level":"INFO","message":"Retrieved customer callbacks used on embed context: [\"getExtraMetaDataBeforeSubmit\"]"},{"clientTimestamp":1695961347282,"level":"INFO","message":"Retrieved pageContext values which may be overriden by the embed context: {\"pageTitle\":\"ModBus 101: One Protocol to Rule the OT World\",\"pageUrl\":\"https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/modbus-101-one-protocol-to-rule-the-ot-world/\",\"userAgent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36\",\"pageId\":\"127729383786\",\"isHubSpotCmsGeneratedPage\":true}"},{"clientTimestamp":1695961347282,"level":"INFO","message":"Retrieved countryCode property from normalized embed definition response: \"AU\""},{"clientTimestamp":1695961350663,"level":"INFO","message":"Retrieved analytics values from API response which may be overriden by the embed context: {\"hutk\":\"1987120246d1f9d23639fb4935b5bf51\",\"canonicalUrl\":\"https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/modbus-101-one-protocol-to-rule-the-ot-world/\",\"contentType\":\"blog-post\",\"pageId\":\"127729383786\"}"}]}"><iframe
name="target_iframe_68741a11-8e56-4f23-ba7f-b2307e77714c_7464" style="display: none;"></iframe>
</form>Text Content
Trustwave achieves verified MXDR solution and FastTrack ready partner status
from Microsoft. Learn More
* Contact Us
* Login
Fusion Platform Login
What is the Trustwave Fusion Platform?
MailMarshal Cloud Login
* Incident Response
EXPERIENCING A SECURITY BREACH?
Get access to immediate incident response assistance.
24 HOUR HOTLINES
* AMERICAS +1 855 438 4305
* EMEA +44 8081687370
* AUSTRALIA +61 1300901211
* SINGAPORE +65 68175019
Recommended Actions
Request a Demo
* Services
Services
Managed Detection & Response
Eradicate cyberthreats with world-class intel and expertise
Managed Security Services
Expand your team’s capabilities and strengthen your security posture
Consulting & Professional Services
Tap into our global team of tenured cybersecurity specialists
Penetration Testing
Subscription- or project-based testing, delivered by global experts
Database Security
Get ahead of database risk, protect data and exceed compliance requirements
Email Security & Management
Catch email threats others miss with layered security & maximum control
Co-Managed SOC (SIEM)
Eliminate alert fatigue, focus your SecOps team, stop threats fast, and
reduce cyber risk
View All Trustwave Services
* Solutions
Solutions
BY INDUSTRY
* Education
* Financial Services
* Government
Why Trustwave
The Trustwave Approach
A focus on threat detection and response
Awards and Accolades
Recognition by analysts and media outlets
Trustwave SpiderLabs Team
Researchers, ethical hackers and responders
Trustwave Fusion Platform
Unprecedented security visibility and control
SpiderLabs Fusion Center
Our cybersecurity command center
Security Operations Centers
Distributed worldwide defense nodes
* Healthcare
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance
cybersecurity threats
Register
Login
* Hotels
Resources
BLOGS
* Trustwave Blog
* SpiderLabs Blog
UPCOMING
* Webinars
* Events
MEDIA & ASSETS
* Document Library
* Video Library
* Analyst Reports
* Webinar Replays
* Case Studies
* Trials & Evaluations
NOTICES
* Security Advisories
* Software Updates
HELP
* Contact
* Support
* Legal
* Manufacturing
* Retail
BY REGULATION
* Data Privacy
* CMMC
* FISMA
Why Trustwave
The Trustwave Approach
A focus on threat detection and response
Awards and Accolades
Recognition by analysts and media outlets
Trustwave SpiderLabs Team
Researchers, ethical hackers and responders
Trustwave Fusion Platform
Unprecedented security visibility and control
SpiderLabs Fusion Center
Our cybersecurity command center
Security Operations Centers
Distributed worldwide defense nodes
* GDPR
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance
cybersecurity threats
Register
Login
* GLBA
Resources
BLOGS
* Trustwave Blog
* SpiderLabs Blog
UPCOMING
* Webinars
* Events
MEDIA & ASSETS
* Document Library
* Video Library
* Analyst Reports
* Webinar Replays
* Case Studies
* Trials & Evaluations
NOTICES
* Security Advisories
* Software Updates
HELP
* Contact
* Support
* HIPAA
* ISO
* SOX
BY TOPIC
Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
* Why Trustwave
Why Trustwave
The Trustwave Approach
A focus on threat detection and response
Awards and Accolades
Recognition by analysts and media outlets
Trustwave SpiderLabs Team
Researchers, ethical hackers and responders
Trustwave Fusion Platform
Unprecedented security visibility and control
SpiderLabs Fusion Center
Our cybersecurity command center
Security Operations Centers
Distributed worldwide defense nodes
* Partners
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity
threats
Register
Login
* Resources
Resources
BLOGS
* Trustwave Blog
* SpiderLabs Blog
UPCOMING
* Webinars
* Events
MEDIA & ASSETS
* Document Library
* Video Library
* Analyst Reports
* Webinar Replays
* Case Studies
* Trials & Evaluations
NOTICES
* Security Advisories
* Software Updates
HELP
* Contact
* Support
* Contact Us
* Login
login
Fusion Platform Login
What is the Trustwave Fusion Platform?
MailMarshal Cloud Login
* Incident Response
Incident Response
EXPERIENCING A SECURITY BREACH?
Get access to immediate incident response assistance.
24 HOUR HOTLINES
* AMERICAS +1 855 438 4305
* EMEA +44 8081687370
* AUSTRALIA +61 1300901211
* SINGAPORE +65 68175019
Recommended Actions
*
Trustwave achieves verified MXDR solution and FastTrack ready partner status
from Microsoft. Learn More
Request a Demo
REQUEST A DEMO
First Name*
Last Name*
Company Name*
Business Email*
Country*
Please SelectUnited StatesUnited KingdomAustraliaGermanyMexicoNew
ZealandSingaporeOtherAfghanistanÅland IslandsAlbaniaAlgeriaAmerican
SamoaAndorraAngolaAnguillaAntarcticaAntigua and
BarbudaArgentinaArmeniaArubaAsia/Pacific
RegionAustriaAzerbaijanBahamasBahrainBangladeshBarbadosBelarusBelgiumBelizeBeninBermudaBhutanBoliviaBosnia
and HerzegovinaBotswanaBouvet IslandBrazilBritish Indian Ocean TerritoryBritish
Virgin IslandsBruneiBulgariaBurkina FasoBurundiCambodiaCameroonCanadaCape
VerdeCaribbean NetherlandsCayman IslandsCentral African
RepublicChadChileChinaChristmas IslandCocos (Keeling)
IslandsColombiaComorosCongoCook IslandsCosta RicaCote
d'IvoireCroatiaCubaCuraçaoCyprusCzech RepublicDemocratic Republic of the
CongoDenmarkDjiboutiDominicaDominican RepublicEast TimorEcuadorEgyptEl
SalvadorEquatorial GuineaEritreaEstoniaEthiopiaEuropeFalkland IslandsFaroe
IslandsFijiFinlandFranceFrench GuianaFrench PolynesiaFrench Southern and
Antarctic
LandsGabonGambiaGeorgiaGhanaGibraltarGreeceGreenlandGrenadaGuadeloupeGuamGuatemalaGuernseyGuineaGuinea-BissauGuyanaHaitiHeard
Island and McDonald IslandsHondurasHong
KongHungaryIcelandIndiaIndonesiaIranIraqIrelandIsle of
ManIsraelItalyJamaicaJapanJerseyJordanKazakhstanKenyaKiribatiKosovoKuwaitKyrgyzstanLaosLatviaLebanonLesothoLiberiaLibyaLiechtensteinLithuaniaLuxembourgMacauMacedonia
(FYROM)MadagascarMalawiMalaysiaMaldivesMaliMaltaMarshall
IslandsMartiniqueMauritaniaMauritiusMayotteMicronesiaMoldovaMonacoMongoliaMontenegroMontserratMoroccoMozambiqueMyanmar
(Burma)NamibiaNauruNepalNetherlandsNetherlands AntillesNew
CaledoniaNicaraguaNigerNigeriaNiueNorfolk IslandNorth KoreaNorthern Mariana
IslandsNorwayOmanPakistanPalauPalestinePanamaPapua New
GuineaParaguayPeruPhilippinesPitcairn IslandsPolandPortugalPuerto
RicoQatarRéunionRomaniaRussiaRwandaSaint BarthélemySaint HelenaSaint Kitts and
NevisSaint LuciaSaint MartinSaint Pierre and MiquelonSaint Vincent and the
GrenadinesSamoaSan MarinoSao Tome and PrincipeSaudi
ArabiaSenegalSerbiaSeychellesSierra LeoneSint MaartenSlovakiaSloveniaSolomon
IslandsSomaliaSouth AfricaSouth Georgia and the South Sandwich IslandsSouth
KoreaSouth SudanSpainSri LankaSudanSurinameSvalbard and Jan
MayenSwazilandSwedenSwitzerlandSyriaTaiwanTajikistanTanzaniaThailandTogoTokelauTongaTrinidad
and TobagoTunisiaTurkeyTurkmenistanTurks and Caicos IslandsTuvaluU.S. Virgin
IslandsUgandaUkraineUnited Arab EmiratesUnited States Minor Outlying
IslandsUruguayUzbekistanVanuatuVatican CityVenezuelaVietnamWallis and
FutunaWestern SaharaYemenZambiaZimbabwe
* I agree to receive other communications from Trustwave.
By clicking submit below, you agree to our Terms of Use and Privacy Policy.
Additionally, you consent to allow Trustwave to store and process the personal
information submitted above to provide you with the content requested.
Services
Managed Detection & Response
Eradicate cyberthreats with world-class intel and expertise
Managed Security Services
Expand your team’s capabilities and strengthen your security posture
Consulting & Professional Services
Tap into our global team of tenured cybersecurity specialists
Penetration Testing
Subscription- or project-based testing, delivered by global experts
Database Security
Get ahead of database risk, protect data and exceed compliance requirements
Email Security & Management
Catch email threats others miss with layered security & maximum control
Co-Managed SOC (SIEM)
Eliminate alert fatigue, focus your SecOps team, stop threats fast, and reduce
cyber risk
View All Trustwave Services
Solutions
BY INDUSTRY
* Education
* Financial Services
* Government
* Healthcare
* Hotels
* Legal
* Manufacturing
* Retail
BY REGULATION
* Data Privacy
* CMMC
* FISMA
* GDPR
* GLBA
* HIPAA
* ISO
* SOX
BY TOPIC
Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
The Trustwave Approach
A focus on threat detection and response
Awards and Accolades
Recognition by analysts and media outlets
Trustwave SpiderLabs Team
Researchers, ethical hackers and responders
Trustwave Fusion Platform
Unprecedented security visibility and control
SpiderLabs Fusion Center
Our cybersecurity command center
Security Operations Centers
Distributed worldwide defense nodes
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity
threats
Register
Login
Resources
BLOGS
* Trustwave Blog
* SpiderLabs Blog
UPCOMING
* Webinars
* Events
MEDIA & ASSETS
* Document Library
* Video Library
* Analyst Reports
* Webinar Replays
* Case Studies
* Trials & Evaluations
NOTICES
* Security Advisories
* Software Updates
HELP
* Contact
* Support
MODBUS 101: ONE PROTOCOL TO RULE THE OT WORLD
Victor Hanna Jun 10, 2022
CONTENTS
1.
2. ICS: Industrial Control Systems
3.
4. OT: What is Operational Technology and its components ?
5.
6. What is Modbus and How is the Protocol Structured?
7.
8. How does ModBus work?
9.
10. ModBus Flavors
11.
12. The Anatomy of a ModBus Frame
13.
14. The Exploit: How such a protocol is susceptible to attack
15.
16. Attack Chain
17.
18. Conclusion
19.
20. References
21.
22. Recommendations
Jul 25, 2023
ModSecurity v3: DoS Vulnerability in Four Transformations (CVE-2023-38285)
Nov 24, 2021
ModSecurity DoS Vulnerability in JSON Parsing (CVE-2021-42717)
Oct 13, 2022
ModSecurity Request Body Parsing: Recent Bypass Issues
Ever wondered how large-scale power plants monitor or control the myriad of
systems that fill their environment? Have you thought about how some of the
world’s greatest industrial hacks were enacted?
This post will look to illuminate how one tiny legacy protocol, namely "ModBus"
could help to understand just how straight forward this could be. To gain a more
in-depth understanding we will be pulling apart the following things:
* ICS: Industrial Control Systems
* OT: What is Operational Technology
* Modbus: What it is and how is the protocol is structured ?
* The Exploits: How such a protocol is susceptible to attack
ICS: INDUSTRIAL CONTROL SYSTEMS
A "control system" can be defined as a system that manages, commands, directs,
or regulates the behavior of other systems.
An "Industrial Control System" is simply the generic term that describes a group
of integrated control systems which are used to control instrumentation within
an industrial environment. These types of systems may be made up of Relays,
which could be used to control attached components or, the monitoring of
various sources such as water pressure gauges for example.
In common parlance, an ICS can be compared to a symphony conductor. It’s system
that directs and controls all the sub-systems resulting in a smooth-running
operation.
OT: WHAT IS OPERATIONAL TECHNOLOGY AND ITS COMPONENTS ?
"Operation Technology" is the term used to describe the hardware and software
used to detect or cause a change to a component of a "Industrial Control
System". A common way to control such components is using a "PLC (Programmable
Logic Controller)", which is simply a Microprocessor-based controller that can
be used to bridge the gap between the analog world (a physical relay that
controls a light) and the digital world (a network interface that allows
individual PLC's to be interconnected for management and control purposes).
Specific protocols have been developed to control these interconnected PLC's.
One of which, named ModBus has become the de-facto open standard commonly used
to connect diverse ICSs over an Ethernet structure.
WHAT IS MODBUS AND HOW IS THE PROTOCOL STRUCTURED?
Modbus has been around for many years. It was initially developed in 1968 and
released into the market in 1979 by Modicon, now Schneider Electric, as a
protocol designed to replace hard-wired relay systems.
Modbus is now an open standard and a widely used communications protocol that
allows for the monitoring and controlling of individual PLCs within an ICS.
HOW DOES MODBUS WORK?
ModBus has become the de facto standard, truly open and the most widely used
network protocol in the industrial manufacturing environment. It has been
implemented by hundreds of vendors on thousands of different devices to transfer
discrete/analog I/O and register data between control devices. It is a lingua
franca of common denominator between different manufacturers.
The ModBus protocol functions as a method to share messages amongst a group of
interconnected devices. This messaging mechanism is used by each device to share
information amongst one another, typically over a common physical medium type.
The common physical medium type in use may vary across the industry. The choice
of common medium type is commonly dependent on the type of device in use, that
is to say not all devices share a standard physical interconnection type and
thus ModBus provides a way in which to bridge this gap. This bridging is why
ModBus has a widespread appeal and hence its broad usage.
The ModBus protocol itself comes in many flavors. These varying flavors exist to
facilitate the diversity in physical medium types in use across the industry.
In a generic sense the protocol uses a Client/Server architecture, where each
device is assigned a unique identifier. Using this architecture, a client will
typically communicate to one or more listening server devices using the unique
identifier as reference. The client in this case will send ModBus requests and
commands, which direct the server devices to execute a native command.
The following section will expand on the main two types of flavors that are
commonly found to be in use across the industry.
MODBUS FLAVORS
The ModBus protocol comes in two main variants or flavors. These flavors
specifically cater to the two main types of mediums or physical communications
interfaces, namely Serial or Ethernet. We will describe both in this post,
however Ethernet will be our primary focus, especially when describing "The
Exploits" in a later section.
1. ModBusRTU (Remote Terminal Unit)
* This protocol/flavor is used with Serial Communications, where an RTU may be
deployed and physically connected via a RS-485, RS-422 or RS-232 physically
connected device.
* Using this protocol and physical connection strategy, this caters for devices
that do not possess ethernet capabilities.
* In this protocol, direct physical connections are made either between two
directly connected devices (Client/Server), or alternatively using a
'multi-drop' environment, where a RS-485 (Long range serial) connection is
made between a client and subsequently daisy chained together attaching
multiple server devices.
* In this environment communications is always initiated from the client and
CRC checks are conducted in order to ensure the integrity of the message
flows.
* RS-485 uses a physical DB-9 connector type.
ModBus Daisy Chain
DB-9 Connector Type
2. ModBusTCP
* This protocol/flavor is used to communicate ModBus over ethernet networks
which are using TCP/IP.
* The ModBus service typically runs over port 502/tcp in clear text.
* Unlike the ModBusRTU variant, ModBusTCP DOES NOT utilize a CRC as this
functionality is already built into the ethernet protocol itself.
* RJ45 are the typical physical connectors used with this protocol.
ModBusTCP Typical Setup
THE ANATOMY OF A MODBUS FRAME
At a 30,000 foot view the ModBus frame or MBAP (ModBus Application Protocol
Header) looks something like this:
However, a closer look at a ModBus frame appears like this:
Now, if we were to populate the frame with data it may start resembling
something like this: 000000000006FF0600020f0f
Given that most of us don't speak native HEX, I have broken things down even
further in a more digestible format below:
0000 0000 0006 FF 06 00020f0f
<2-byte Transaction ID>|<2-byte Protocol ID>|<2-byte length>|<1-byte Unit
ID>|<1-byte function code>|<Data for response or commands>
The static portion of the frame i.e., the first seven bytes remain mostly
unchanged between transactions. Where it starts to become a little more dynamic
is in the last section of the frame. The section that is being referred to, in
this instance, starts from the 1-byte function code onwards. This section
provides the server with information about how it should respond. This response
may also require the PLC to execute a low-level function e.g., switching of a
relay.
The following table illustrates the available function codes. Function codes are
simply commands sent from a client to a server that instruct the server to do
something useful.
Function Codes
Referring to our example, the function code in use is '06', which as we can see
is the code for the 'Write Single Holding Register' function. If we break down
this specific functional code, we will understand its requirements and/or
format.
Function Code ‘06’
As seen, the function code '06' uses two a 2-byte fields for its request, the
first of which is the address to be written to and the second is the value that
is required to be written. The first value corresponding to '0002' is the
address to be written to. The second value corresponding to '0f0f' is the value
that is required to be written.
A register simply refers to an address location in memory. In our case this
address location will be '40002'. The reason that this value is 40002 and not
0002 is that the output holding register (the register that will be monitor for
change) starts off at offset memory location '40000'. So, in our case, we have
instructed address location 40002 to be populated with a two-byte value of
'0f0f'.
Write Holding Registers
When an output holding register is changed the on-board controller, after
monitoring its new value will execute upon the value found in the register. This
may correspond to either a ON or OFF for example.
THE EXPLOIT: HOW SUCH A PROTOCOL IS SUSCEPTIBLE TO ATTACK
Now that we have the theory behind us, let’s look at some of the main reasons
that this type of protocol is susceptible to attack.
Some of the ModBus protocol weaknesses include:
1. A lack of required authentication for requests
2. A lack of encryption of traffic
3. A lack of anti-replay defences
An attacker taking advantage of these deficiencies can chain them together
ultimately leading to control of the devices.
ATTACK CHAIN
1. Sniffing of unencrypted traffic over the wire
2. Replaying of the attack using a custom exploit to fully take-over and
control the end device.
Practical Example
This particular practical example uses a ModBus enabled device. This device is
used to control two physical relays, which in this instance is connected to a
strobe light. This strobe light could be easily substituted for a door
controller or alternatively a myriad of other potential target devices.
This example shows how an attacker can:
* Capture a clear text ModBus command, originally destined to a target device.
Through use of simply sniffing techniques.
* Use this captured data to fully takeover the target device using a weaponized
custom exploit.
CONCLUSION
The main goal for this post was to showcase the under-hood workings of what
makes an OT tick. ModBus and various other protocols are often at the heart of
many OT environments and as such places many ICSs at risk in terms of
compromise.
The underlying weaknesses as so described in this post, are often not considered
in forethought due a number of reasons, some of which may include:
* The “interoperability” aspect taking precedence over the “security” aspect.
In this instance it may become more impactful to interrupt a functioning OT
environment than to fully realize the security uplift itself.
* The OT environment itself may consist of many legacy devices that may
themselves not be upgradeable to utilize secure standards such as ‘Secure
ModBus’. Secure ModBus at its core uses Ethernet as its common physical
medium, TCP/IP as transport and Certificate Based Authentication to both
secure traffic flows and to provide mutual authentication between server and
client.
* An organizations genuine naivety with respect to the lack of security with
such a protocol.
REFERENCES
* Regular Penetration Testing regime: Partnering with a skilled consultancy
which through regular penetration testing and assessment can provide insight
into the resilience of an organizations OT environment.
* Consider the use and potential uplifting of an OT environment towards a more
secure protocol usage, such as “Secure ModBus” as described above.
* Ensure that the facility which services the OT environment uses a defence in
depth model. This infers the usage of security at each layer of the OT
environments ecosystem. Some examples may include but are not limited to, the
use of security appliances such as IDS’s and Firewalls and the adequate usage
of physical access control systems such as to ward of internal threat actors,
by limiting/restricting access to OT end systems.
RECOMMENDATIONS
* https://en.wikipedia.org/wiki/Modbus#Protocol_versions
* https://www.modbus.org/
* https://www.ni.com/en-au/innovations/white-papers/14/the-modbus-protocol-in-depth.html
Jul 25, 2023
ModSecurity v3: DoS Vulnerability in Four Transformations (CVE-2023-38285)
Nov 24, 2021
ModSecurity DoS Vulnerability in JSON Parsing (CVE-2021-42717)
Oct 13, 2022
ModSecurity Request Body Parsing: Recent Bypass Issues
Previous
Trustwave's Action Response: More MSDT Fallout with “Dogwalk”
Next
The Importance of White-Box Testing: A Dive into CVE-2022-21662
STAY INFORMED
SIGN UP TO RECEIVE THE LATEST SECURITY NEWS AND TRENDS FROM TRUSTWAVE.
*
*
*
*
* Leadership Team
* Our History
* News Releases
* Media Coverage
* Careers
* Global Locations
* Awards & Accolades
* Trials & Evaluations
* Contact
* Support
* Security Advisories
* Software Updates
* Legal
* Terms of Use
* Privacy Policy
Copyright © 2023 Trustwave Holdings, Inc. All rights reserved.
We use cookies to provide you a relevant user experience, analyze our traffic,
and provide social media features. Privacy Policy
GOT IT
PREFERENCE CENTRE
When you visit any website, it may store or retrieve information on your
browser, mostly in the form of cookies. This information might be about you,
your preferences or your device and is mostly used to make the site work as you
expect it to. The information does not usually directly identify you, but it can
give you a more personalized web experience. Because we respect your right to
privacy, you can choose not to allow some types of cookies. Click on the
different category headings to find out more and change our default settings.
However, blocking some types of cookies may impact your experience of the site
and the services we are able to offer.
More information
Allow All
MANAGE CONSENT PREFERENCES
STRICTLY NECESSARY COOKIES
Always Active
These cookies are necessary for the website to function and cannot be switched
off in our systems. They are usually only set in response to actions made by you
which amount to a request for services, such as setting your privacy
preferences, logging in or filling in forms. You can set your browser to
block or alert you about these cookies, but some parts of the site will not then
work. These cookies do not store any personally identifiable information.
PERFORMANCE COOKIES
Performance Cookies
These cookies allow us to count visits and traffic sources so we can measure and
improve the performance of our site. They help us to know which pages are the
most and least popular and see how visitors move around the site. All
information these cookies collect is aggregated and therefore anonymous. If you
do not allow these cookies we will not know when you have visited our site, and
will not be able to monitor its performance.
TARGETING COOKIES
Targeting Cookies
These cookies may be set through our site by our advertising partners. They may
be used by those companies to build a profile of your interests and show you
relevant adverts on other sites. They do not store directly personal
information, but are based on uniquely identifying your browser and internet
device. If you do not allow these cookies, you will experience less targeted
advertising.
FUNCTIONAL COOKIES
Functional Cookies
These cookies enable the website to provide enhanced functionality and
personalisation. They may be set by us or by third party providers whose
services we have added to our pages. If you do not allow these cookies then
some or all of these services may not function properly.
Back Button
COOKIE LIST
Search Icon
Filter Icon
Clear
checkbox label label
Apply Cancel
Consent Leg.Interest
checkbox label label
checkbox label label
checkbox label label
Confirm My Choices